/*
 *    Copyright (c) 2023-2025, chenda All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * Redistributions of source code must retain the above copyright notice,
 * this list of conditions and the following disclaimer.
 * Redistributions in binary form must reproduce the above copyright
 * notice, this list of conditions and the following disclaimer in the
 * documentation and/or other materials provided with the distribution.
 * Neither the name of the cfp4cloud.com developer nor the names of its
 * contributors may be used to endorse or promote products derived from
 * this software without specific prior written permission.
 * Author: chenda (chendainfo@gmail.com)
 */
package com.cfp4cloud.cfp.common.security.service;

import cn.hutool.core.collection.CollUtil;
import com.cfp4cloud.cfp.admin.api.dto.UserInfo;
import com.cfp4cloud.cfp.common.core.constant.CommonConstants;
import com.cfp4cloud.cfp.common.core.constant.SecurityConstants;
import com.cfp4cloud.cfp.common.core.constant.enums.UserTypeEnum;
import com.cfp4cloud.cfp.common.core.util.MsgUtils;
import org.springframework.core.Ordered;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

import java.util.Collection;
import java.util.HashSet;
import java.util.Optional;
import java.util.Set;

/**
 * @author chenda
 * @date 2018/8/15
 */
public interface CfpUserDetailsService extends UserDetailsService, Ordered {

	/**
	 * Notfound 用户错误代码
	 */
	String NOTFOUND_USER_ERROR_CODE = "UserDetailsService.notFound";

	/**
	 * 是否支持此客户端校验
	 * @param clientId 请求客户端
	 * @param grantType 授权类型
	 * @return true/false
	 */
	default boolean support(String clientId, String grantType) {
		return true;
	}

	/**
	 * 排序值 默认取最大的
	 * @return 排序值
	 */
	default int getOrder() {
		return 0;
	}

	/**
	 * 获取用户详细信息
	 * @param userInfoOptional 用户信息：可选
	 * @return {@link UserDetails }
	 */
	default UserDetails getUserDetails(Optional<UserInfo> userInfoOptional) {
		// @formatter:off
		return  userInfoOptional
				.map(this::convertUserDetails)
				.orElseThrow(() -> new UsernameNotFoundException(MsgUtils.getSecurityMessage(NOTFOUND_USER_ERROR_CODE)));
		// @formatter:on
	}

	/**
	 * UserInfo 转 UserDetails
	 * @param info
	 * @return 返回UserDetails对象
	 */
	default UserDetails convertUserDetails(UserInfo info) {
		Set<String> dbAuthsSet = new HashSet<>();

		// 维护角色列表
		info.getRoleList().forEach(role -> dbAuthsSet.add(SecurityConstants.ROLE + role.getRoleId()));

		// 维护权限列表
		dbAuthsSet.addAll(info.getPermissions());
		Collection<GrantedAuthority> authorities = AuthorityUtils
			.createAuthorityList(dbAuthsSet.toArray(new String[0]));

		// 构造security用户
		Long deptId = null;
		if (CollUtil.isNotEmpty(info.getDeptList())) {
			deptId = CollUtil.getFirst(info.getDeptList()).getDeptId();
		}
		return new CfpUser(info.getUserId(), info.getUsername(), deptId, info.getPhone(), info.getAvatar(),
				info.getNickname(), info.getName(), info.getEmail(), info.getTenantId(),
				SecurityConstants.BCRYPT + info.getPassword(), true, true, UserTypeEnum.TOB.getStatus(),
				!CommonConstants.STATUS_LOCK.equals(info.getPasswordExpireFlag()) // 密码过期判断
				, info.getPasswordModifyTime(), !CommonConstants.STATUS_LOCK.equals(info.getLockFlag()), authorities);
	}

	/**
	 * 通过用户实体查询
	 * @param cfpUser user
	 * @return
	 */
	default UserDetails loadUserByUser(CfpUser cfpUser) {
		return this.loadUserByUsername(cfpUser.getUsername());
	}

}
